I'd like to introduce Chris Sumner and Dr. Randall Wald.
All right. Just checking the audio there. Thanks for making it this early hour or for
rolling by on your way home. Either way, very much appreciated. As the gentleman there said,
I'm Chris Sumner. I'm representing a small charitable organization called the Online
Privacy Foundation, or privacy in the U.S. And part of our remit is that we look at behavioral
residue. That's the sort of stuff you do. And we look at that in an online context to see if
you're giving away stuff without actually knowing that you're giving away. So in this
experiment, we're looking at susceptibility to interacting with a social bot on Twitter or you
could perhaps say a stranger. So before I begin, I was also on the CFP review board panel for
DEF CON. So I'm going to talk a little bit about that. So I'm going to talk a little bit about
this. I know there are a ton of awesome talks. And there's a couple even running parallel to this
one. So what I wanted to do was just highlight some areas of this talk which some of you may
already know about. So if you're familiar with the Web Ecology Project, Tim Hwang, you're sort of
familiar with astroturfing, the term swift boating, and a gentleman called Yazan Boshmaf, then
approximately 50% of the presentation may be, how can I put it, a touch on the light side for you.
hack things and win money, or just
hack things. The goal of this
experiment wasn't to
laser, you know, with laser accuracy
pinpoint somebody who's susceptible
to a social bot on Twitter.
It was more to improve the odds
in your favor.
So, or at least
improve the odds over a baseline performance.
So that's what we were really
aiming for. So if you're expecting laser
precision to find the most susceptible person
in an organization, you'd probably be disappointed.
But if you want to move the odds
slightly and give you a bit more
of an advantage, then
stick around.
Okay, so with that out of the way,
you know, if folks think that's not for them,
then I pretty much, I like the
dude what the fuck in my car talk
when I was reviewing it. That looked pretty good.
So, moving
on, starting the presentation for real.
This gentleman is called
Tim Hwang, and
in 2011, he
ran a competition called the
Social Bots Competition.
And essentially how that worked
is he had three teams
with
social bots competing
to win a prize, which I think was a
small amount of money and then just
props, essentially.
So, they were given
a target audience of
500 Twitter users to
go and apply
their bots to. And they were given
all of these Twitter users had
something in common. It was that they had
tweeted or had some interest in cats.
And that, okay,
so that's a lot of Twitter users, but
the social bot
teams were scored, they got one for a
follow back, they got three points
for a social response, and they
got 15, killed 15
points, docked 15 points if they were
killed by Twitter. So,
you know, sort of suspended accounts.
So, that was the scoring mechanism
for the Social Bots Competition.
It was described
as blood sport for internet
social science and network analysis.
So, I'm
not going to go into this in too much
detail, because there's a really nice Ignite video
that lasts about five minutes. You can watch that
where Tim explains the competition, and
it's really pretty good. And that's, all of that
stuff is in the speaker notes. So, all of the
references and what we're talking or
intended to say is in the speaker notes, so don't
worry too much about writing notes.
One
team won, obviously.
And it was a team led
by a gentleman called
AeroFade on Twitter.
And his bot got 198
responses out of the
500, which is pretty good, almost
40%.
So, we're going to come back to
AeroFade and his social
bot in just a short while. Now, he
was in the audience when we talked about this at
Black Hat. If you're in the audience today, then
make yourself known, AeroFade, and we'll
get you on stage or something.
So,
most research in this area is focused on
actually looking at identifying
social bots,
or bots on Twitter
or social networks or other social networks,
but there's far less research in looking at
the human factors involved with
who responds to social bots or who
interacts with potential
strangers online. So,
as the goon mentioned
at the beginning of the
talk, last year we were looking at
psychopathy. We weren't trying to identify
clinical psychopaths. We were
looking at psychopathy as a range
to see if you could actually,
if it was possible to
improve the odds in your favor of
being able to, you know, whether they had certain traits
or not, whether you could
reduce the chance of hiring one
potentially. And that was kind of what we
were looking at. Not saying that that's what it
should be used for, but that's what we were looking at. And as part
of that research, we thought, oh, this
would be really neat to actually start having a look
at social bots as well, because that was the sort of
same time we became aware of the
social bot competition from Tim Hwang.
So, we were like, okay, what can we do? We asked
a subset of those users
that took part in this experiment if they're
interested. They'd also take part in an experiment
where they'd receive an unsolicited
tweet at some point in the future.
And you might think,
okay, well, that taints the experiment to begin
with, but people get unsolicited
tweets all the time. So,
we felt that that was quite reasonable.
And we had a pool of roughly 700 people
tick the box to be part of that
part of the experiment out of 3,000.
So, we had two main
questions. The first was, are some users
more naturally predisposed to
interacting with strangers or social bots
online? And the other was,
is it possible to increase the odds of
getting a response from a Twitter user
based on this for any social
bot, so that the social bot
in context
can avoid Twitter jail,
accounts suspended?
So, a good question
at this point would be, who cares?
Now, for the younger people in the audience, you may
not remember Diff'rent Strokes, but it's well worth
trying to find on YouTube or whatever, because
it was an awesome program from my
childhood.
So, one group that
are really interested in or
have a lot of vested
interest in this is marketing
and sales types.
So, the reason they're
interested is because previously all of
their work was based on likes
and what have you on
Facebook, for example, or follower count.
But now that's shifting to
engagement, because companies
paying for marketing services have got wise
to the fact that it's easy to generate fake
likes and friend
accounts and blow them through the roof, but
it's less hard, or it's less easy
for them to fake engagement.
So, it behooves
them to actually try and
create some engagement. The next group
that are interested are propagandists,
and we'll talk about that in some more detail,
trying to spread a
message, or their message, and highlight
that through social media.
Another group, and this
uses a mock-up of a tool called
Maltego,
which is a fantastic tool.
You'll be interested in taking a group
of social users
from a particular corporation
and trying to identify
which of those groups are more likely
to respond to your social
stranger request or
your social bot request.
So, again, picking out the users who are
least likely to, focusing on the
ones that are most likely to respond.
Then the other group that
are interested in this kind of research
are privacy researchers, and this chap
is called Erhardt Graeff,
at MIT, and he's got an
excellent paper called
What We Should Do Before
Social Bots Take Over: Online
Privacy Protection and the Political Economy
of Our Near Future.
And he's concerned, or one of the things he's concerned
about in his paper is that social bots
may be able to harvest a lot of
otherwise private information by
engaging with users who are,
I don't want to say gullible, but are trusting
enough to provide certain information
which they wouldn't provide
if they knew it was a fake
account or a robotic account.
So he was quite worried about that.
We'll talk about that in a little bit more detail.
And the final group are
social network providers.
So, Facebook, for example,
have their Facebook immune system,
and it's kind of this constant battle of
they're trying to find fake accounts,
and the fake account creators are constantly evolving
to try and beat the Facebook immune system.
But they're actually pretty good at it.
And also, I have to say that Twitter
have done a pretty good job.
If you look at spam, maybe it was like 2011,
they've been settling that down.
So these are the bigger social networks
and obviously they've been applying
more time to this kind of activity.
So we set about
creating some social bots
to actually go in and have a look at this.
So let me go over some of the
history in this
sort of sphere of research.
So
the talk's going to proceed really with
a history of some of the current research.
Then we'll talk about the experiment method,
discuss the findings that we
had, and just wrap up with some conclusions.
That's how it's going to go down
essentially. So
Wagner et al., who are the only other people
that we've found doing
research into social bots on Twitter,
provided this working definition
of a social bot.
A social bot is a piece of software that controls
a user account in an online social
network and passes itself off
as human. So kind of well derbed,
but that is
a reasonable working
definition.
You might also hear the term
Sybil. Sybil was coined by a chap
called John Douceur at Microsoft Research.
And it looks also,
I mean that's kind of the same thing with
fake accounts. And it derives its name
from a lady who had like 16 different
personalities and there's a movie and a book of the same
name. And some of you
might well be going, well social bots aren't
anything new because we had
chat bots on IRC and all of that sort
of stuff. And you're right as well about that
because this paper here was
published in 1994 and there may be earlier ones.
So I mentioned
popularity being a driving
factor. We've certainly had a lot of
that in Twitter where you've got fake
accounts. Justin Bieber's got
a whole raft of fake
followers apparently.
But it does make you look a little bit
popular. Who's going to trust a brand that's only
got maybe 10 followers?
Maybe not that many.
The other thing of course is spam.
So you get DMs. I'm
wondering whether this was just a
sort of hint that maybe I should lose some
weight.
But
I didn't lose nine pounds using
whatever that stuff is.
Acai berries. But anyway that
was kind of what you saw a lot on
Twitter as spam and you're always thinking who clicks on
that stuff, right? The other thing
is that you can get some social bots that are
actually quite amusing. So in this one for example
we've got this chap called Kevin who
tweets to his followers, whoever his followers
are. Had a successful auction
yesterday. Thank you universe.
To which the universe promptly replied
no problem Kevin.
Get out there and do your thing.
So one
bot that I'm particularly
sad to have seen gone was a
bot by a gentleman called Neil
Codner called the world of
shit bot. So every time you
mentioned the movie Full Metal Jacket
it would tweet you back and give
you a ton of grief.
And it was actually hilarious such that
you'd want to go out and just mention Full Metal
Jacket just to receive the grief.
But that no longer does that.
Which is a real pity. If Twitter
could somehow work with Neil I'd love to see that
reinstated. Then there was
another chap Nigel Leck
I think in New Zealand or Australia who got
tired of debating
climate change deniers.
So he created a bot. The clue is
kind of in there. It's a
Turing test was the name he
used for it. So anytime
somebody was talking about climate
change or
denying climate change
he would have his bot
go and pick out bits of research and
email them back and try and set them
straight. So you could apply that
to religion, politics or anything you
like to argue on your
behalf because you've got other things to do right?
It's a time saving device.
Another
gentleman and this is well worth taking a look
at was Project Realboy by a chap called
Greg Marra. And he
was kind of one of the first to
actually start looking at social bots and
creating social bots on Twitter that behaved
kind of more like humans really.
So well worth
checking out. I'm not going to go into too much detail
about that because we'll be short on time.
Then politics.
So I always
mispronounce Roelof's second name
but Roelof Temmingh
from
Paterva fame, the guys that wrote
Maltego. Roelof and
Kenneth Geers wrote a paper in 2009
called Virtual Plots, Real Revolutions.
And he
discusses the concept here of what if
both left and right wing blogs were seeded with
false but credible information
about one of the candidates.
Well a year later
on Twitter we saw
there was a vote
between Martha Coakley and Scott
Brown but shortly
before that vote there was
a lot of
I don't know
misinformation or dragging
Martha's name through the mud on Twitter
and that escalated pretty quickly
so that it was
kind of an overwhelming amount of
negative information about Martha Coakley
and the result
although it may not be related to what happened
on Twitter was that Scott Brown won.
There was certainly a lot of discussion
on the use of Twitter
to sort of slate Martha Coakley
and that got a name
or has been also
attributed to a name
and the name for that is
Swift Boating.
That, that actually went a little bit better in practice
but
That's just
everything I do.
So but that gained its name not from
Taylor Swift
but from the
US military veterans
where you've got this sort of thing where you
question somebody's military record
and that apparently has some effect on
how popular they're going to be in certain states.
So the other thing we've been seeing
is that a bunch of
Russian students or bloggers or what have you
were paid some
money to write positive blogs
about President Putin in the run up
to his election.
It's not a brilliant example of this
but it is an example
and that's got a term, it's called astroturfing
and that's essentially a fake grassroots
campaign to make somebody
look popular and to build
support for a message, a political agenda
any sort of agenda essentially.
There's a group at the
Indiana University who've been
working on a project called Truthy
which aims to detect sort of
political and other sorts of
astroturfing and the generation of memes
and sort of activity
like that online and that's
worth having a look. They've got some neat videos
you can put in a meme or something
like that and look at where it originated
from. So they're actually doing some really good
work because they feel that
what's out there on social media
has got a real impact in the real
world and they need to pay some attention
to this space. So really
interesting. Then we've
got sock puppets.
It was HBGary's
email hack
when was that, 2010, 11 or something
like that, kind of switched me on
to the term of sock puppets
and it mentioned that US spy operations
were, or military operations
were looking for sort of fake persona
management and there was some
discussion about whether that had
been used in like the Arab
Spring context to help nudge
a certain group into a certain
direction. The interesting
thing about that particular
concept is that this was cited in
Roelof and Kenneth Geers's
2009 paper as well.
It states a large
virtual population scattered
all over the world and encompassing
different socio-economic backgrounds
could be programmed to support any
personal, business, political, military or
terrorist agenda. So there's some
incentive there.
Next, at Christmas this year
there's
a mobile phone provider
in the UK
that was sending out tweets like this
to users who were having problems
please follow us and DM your mobile
number, postcode and password
thanks. That was the legitimate
account.
That got picked up by a gentleman
in Australia called Troy Hunt
who some of you may follow on
Twitter or maybe read his blogs but some
excellent blogs
and he was tweeting them and got one tweet
back from this account
My EE Care
which looks a lot like EE
but isn't. It's subtly different
so he's looking
Troy Hunt responded to this tweet
I'm not saying Troy Hunt's
susceptible because I responded
to that tweet too
saying something like it was nice to see you
taking an engaging approach
to tackling the problem
to which the My EE Care folks
said no we don't really care actually
but the point
is that if you can get
your bot to work on behalf
of a brand and get in there before your brand
a number of users aren't actually going to check
whether it's the legitimate one or the
non-legitimate one
Then after our Black Hat talk on
Wednesday a gentleman came up to us and
started asking questions
about the possibility of misdirecting
emergency resources during
some sort of unrest
and that made me think oh yeah
actually there's a chap at Manchester University
professor
he's a proctor I want to say
I might be wrong about that
I'll add that to the speaker notes
but he was looking at fake information
in relation to the London riots
and what they'd observed
they were observing rumours
and the rumours were like there's lots of
carnage and there's shops on fire
don't go into this high street
and that was perpetuating around Twitter
at the time
and yet that high street had almost nobody on it
and there was certainly not a riot
and no stores were on fire
so they were looking at
how long it takes for a rumour to
perpetuate and the truth catch up
and his statement which made me chuckle
but I'm sure it's not new is like
a rumour gets half way around the world
before the truth has a chance to put his pants on
so
there's another way you could sort of use it
I mentioned
Tim Hwang
he set up an organisation called
Pacific Social
because part of that
the experiment the social bots
experiment was really looking at
okay you've got the group of 500
after that it sort of morphed
majorly the social graph
so he was like oh can you distort the social graph
maybe stitch two disparate communities together
so that was kind of his
position on that topic
and wanted to sort of research it a little bit more
the other thing he was interested in
is something called emotional contagion
and happiness buffering
so you take a group of people who are happy
when their happiness levels drop below
a certain threshold then you start
projecting happy tweets into the network
and using sentiment analysis
and turn the sad people
happy again
so that's one of the things they're looking at
I'm not sure how far they've got to
and he also mentioned this concept of social penetration testing
so spread
information with small inaccuracies
see where they're challenged and where they're not challenged
identify who's the most influential
but also the worst at evaluating
what's real and target them
then this chap here Yazan Boshmaf
at the University of British Columbia has studied bots
in quite some depth
in relation to Facebook
and he had this
social bots steal 250 gigabytes of user data
which ties back nicely to the
Graeff paper from MIT
so
Boshmaf was one of the first
to actually say we need to understand
some of the human factors behind who's engaging
with social bots and fake accounts
and to that end there are two groups that are looking at that
the secure and trustworthy cyberspace
initiative out of the US and the
cyber threat project out of
Oxford University
so we set about looking at social bots
to find people who will talk
with anyone about anything essentially
so our methodology
we used the winning bot code from
the social bots competition
@AeroFade's bot
and we did that with some minor modifications
which I'll talk about
but essentially it was the same
it was under MIT license
we had 610 participants
we got their Twitter information and personality information
and their Klout score
and then a linguistic analysis of their tweets
we divided them into two groups of 305 each
and assigned them each a bot
we did that just so that we could
get the whole job done with quicker
that was all
we gave our bot
an image of an old lady
with a bio along the lines of
I've got my own teeth
whereas the AeroFade bot had like a young
dude in New Zealand
so we switched some sort of things around
how the bot works is that it takes
a Flickr group
in our case dog fashion
but in his case kitten fashion
post it to WordPress and then tweet
so you'd get a picture like that
put it into WordPress like that
and then you'd get a tweet out there
saying something like new blog post
so this is creating some content for the bot
then next we used a service called If This Then That
which actually then took
let's see
if the weather went
above 20 degrees C
in a place where this old lady
supposed to live
then she'd post a tweet
and that looked something like this
wonderful I can switch the heating off now
it's 21 degrees C and sunny in Bournemouth
so this is creating some content at least
then we got our target users
305
and began following them
if any followed back
then we'd log them in an interaction CSV file
that's how technical it got
no databases just CSV
yeah
let's hear it for CSV files
yeah exactly
so then we started tweeting
we started tweeting some random
random shit basically
and this was not what we tweeted
but what Aero,
this is what AeroFade's bot tweeted
but we felt that Hose may be interpreted
as slightly misogynistic
so we swapped our tweets where we felt that we might
get into a little bit of difficulty
and stuff like this instead
and then
you know like this as well
so these were obvious cues that our bot might not be
the person she's pretending to actually be
and here
you know
we swapped any references to cats
to dogs
that's essentially all we did
so you might think yes that's banal
and yes it is because we wanted to keep it as close as possible
to the Web Ecology Project
so we only switched dog for cats
and removed anything that might be construed as slightly misogynistic
so all of the responses
to that were as I say
sort of logged in an interactions file
and then once we had targeted all of the users
i.e. followed them all
then we started asking them questions
to see if we could generate a response
this was how AeroFade's bot actually worked
so we had questions along the line of
ever milked a cow
what's better
a dog
or a cat
and then we like
look at trying to get some
some responses to that
or maintain a conversation
if a conversation actually occurred
so AeroFade's bot
would just respond randomly from a pool of
tweets where our bot actually used
an ELIZA engine so you get something like this
hello and it would say hey how's your day going so far
but what I liked about
AeroFade's bot is that it would actually
be pretty funny sometimes
so we wanted to maintain that and embed some of the random
tweets in here
so it was a bit of a flip of the coin
so you could get for I think
it would say interesting or
lol that's what she said
so
so it could go kind of random
but we also had to consider the problem of ethics
so you know
we'd put some buffering in there
so we could actually look at what our bot was going to tweet out
before she tweeted it out
and this is why this is AeroFade's bot
James M Titus
do you have any pets and if so what
your avi is adorable your kitty
now I don't currently have any pets since my kitty passed away
years ago to which AeroFade's bot
responded lol
that rules
so props
to AeroFade for making me cry
with laughter reading that
blog post so we got
a ton of limitations which you're all thinking about
and you're right we used basic measures
of personality which you can read about
we had a pretty basic and dumb social bot
each user got a different question
so maybe the questions had an impact of whether
people responded as the
experiment progressed more people followed the bots
and arguably gave it more credibility
and we had no use of follow up to see if
the people knew it was a social bot
and were just you know playing along
so but either way people
interacted and it's
pretty much identical to the Web Ecology Project
which has already got some research on it as well
although we looked
at the dimension of personality
so what did we find
well we got 20%
return or response rate
whereas the AeroFade bot had got
20% and that could be for a number of reasons
we targeted a diverse range of people
and they targeted people who were liking cats
we also had an old lady
they had a dude from New Zealand
so there are a number of reasons
why that could be but we had
124 interactions
which were 39 follow backs
which could be automated for sure
and replies were
85 replies so
the most interactions
we had were 10 interactions with one user
and 2 people interacted 9 times
and there's kind of a steady breakdown
to where we had
65 people replied just once
so the difference between us and AeroFade
is pretty clear if we look at it on a sort of
percentage scale
we also had some interesting funny events around
trolling which AeroFade
had also noticed in his bot
so you get
we had this interaction
using no more than 10 nouns and only nouns
describe yourself
to which the user replied facetious
it rhymes with runt
almost 10 times
annoying
and then our bot
with the ELIZA engine
how do you feel when you say that
which gave me a chuckle at the time
that was actually one of the major benefits
of conducting this research
is actually having a laugh at the interactions
I'm laughing so
bring it on
essentially in bot terms
but we also got spotted as well
so we had
we had some interaction what do you do for a living
I help and guide this is pretty clear
response here
software for administrative organisations
and she responds out of
AeroFade's random responses
you're right and when you're right you're right
you're a bot aren't you
Granny failing
Turing test after one exchange
the singularity is still a fair way off
or something like that
looking at
personality we found
during Richard Thieme's talk
yesterday it indicated that people might not be
familiar with cultural classics
from the 80s well
Ferris Bueller from Ferris Bueller's Day Off
and I used him as a flag for extraversion
we found that
extraverted users were more likely
to respond statistically
significantly more
likely to respond than
non-extraverted users and that's using
a scale called Ten Item Personality
Inventory by Professor Sam Gosling
in Texas
we found that
Klout score was significant as well
there were no other personality traits
by the way and we looked at a bunch of them
Klout score
friends
and followers all had
some statistically significant
relationship albeit relatively weak
so what
well in terms of
e-learning for corporations most e-learning
around phishing and social network is kind of a
one size fits all approach
and we wanted and if you think
about that that's targeted more
introverts there's some papers that look
at the effectiveness of e-learning
and personality and they cite that introverts
have a better time if they've
got less control over the learning experience
where extroverts do worse
so I think there's some
mileage in exploring this and exploring
how this relates in the context to actually
developing sort of corporate
e-learning experience
so moving on quickly to sort of data mining
and machine learning
so this was our baseline performance
false positives in red true positives in green
we want to avoid
this bit really because these
are the people that are probably going to try and suspend
us like that
try and aim for this which is perfection
and a precision of 100%
we're going to go light on some of these terms
and the real
aim here for us isn't to achieve
perfection well it actually is to
achieve perfection but we're not going to do it
more realistically what we want to try and do
is just reduce the false positive rate
a bit so that we're spamming
less people and hopefully getting more
of the people we are talking to
responding so
for the next five minutes we're going to go a little bit
heavier into some of the machine learning stuff
and then we'll wrap up sort of five minutes
after that and so it's my pleasure to introduce
Dr. Randall Wald who I met here
a couple of years ago in the Q&A room
as Chris was saying
basically we had these data
we wanted to actually work with it more
and build models to understand what's really going on
with our users and what we can use
how that can help us make
better predictions and get better results
so this very basic
this is what data looks like
you've got instances in this case
we have three instances here
you're going to see
Alice, Bob and Charles
and instance, each instance
has many attributes
in this case we see three
attributes here one the class attribute
the one we care about
and then also the independent attributes
or features which are the
pieces of information we can get on new
users so the concept here is we have
a training data set which
is labeled where we know all these individuals
whether or not they responded to our bot
and we're going to want to use this to help us
build a model which will let us in the future
say I have a new person
I have not yet sent any communication to them
should my bot try to
contact them should I try to work with them
I'm going to use the features
the independent facts I can find out about this
person to build a model that will
let me predict whether or not that individual
is going to
respond to the bot
so it will be a good target for the bot
so we did two separate experiments
on this data the first was to figure out
which features are most important
the data we're working with here
basically we took all the users
we have various demographic
properties of them for example
the number of friends
the number of followers
how long they've been on Twitter
how many tweets per day
we also took the content
of their tweet and tried to figure out
what type of words they're using
are they using expletives a lot
are they using I and me a lot
are they using we
different types of words like that
to try to figure out which of these is most relevant
to the problem of
will they interact with the bot
will they reply with the bot
so we wanted to figure out first which of these are most important
we wanted to build our models
to use that to actually predict
whether an individual will interact with
or reply to the bot
so all of our experiments here
data mining was done using the
Weka open source tool
it's available on all major operating systems
I don't know if it works on BSD
but
all major
desktop operating systems
written in Java
we've done some research extending it
adding additional tools to it
but I encourage you all to download it and play with it
if you're interested in going further with data mining
and machine learning
our results here were first the interacted
we wanted to see which individual is most likely to interact
so we used a bunch of different models
and we came out with that
these three properties of an individual
are what tells you if they're going to interact
with the bot
if they're going to either follow or reply to the bot
the first is we see Klout score
and then number of friends, number of followers
so those were, as Chris was saying
those were the features that
were most relevant for interacting with the bot
we also wanted to look at just replies alone though
we found something a little bit different
so same concept
all the things
and we still see cloud score is number one
but percent follow Friday
is the second most important feature here
so that's basically what percentage of tweets
mention, you know, hashtag follow Friday
that sort of thing
and it's actually interesting because we have
these two different data sets
that are working a little differently
And once we figured out these features, we wanted to build models that actually classify
individuals into whether they're going to interact or not, or whether they're going to reply or
not. So we built a number of different models here using different features, etc., and we found
the best model gave us a true positive rate of 61%, true negative of 71%. Or, to put it in easier
terms, we see here we have true positives, true negatives, false positives and false negatives.
Now you're going to look at this and many of you are going to say, but your model still gave more
false positives than true positives. If the model predicted that someone is likely to interact
with the bot, it's still going to be wrong more often than not. However, compared to the gray
boxes, which are if we use just send messages to everyone and try to see who's going to respond,
we're able to eliminate all of these individuals who would otherwise have gotten a message and
they weren't going to respond anyway. So we're improving our odds of hitting the people we care
about. So remember, everyone here, if you send a message to someone who's not going to respond,
there's a chance they're going to report your bot. So you want to minimize the number of people in
this area to try to maximize the effectiveness of your bot.
And we did related models for the replied data set. It's a little more challenging to build a
model, with a performance that's a little worse here. And we found also that different models
perform well. And this is something in data mining it's important to understand. You might say,
why don't we all just use the best model? What's the challenge of building different models and
looking at how they perform? And ultimately the optimal model will vary. We see also here similar
performance, where again, more false positives than true positives, but we're significantly able
to improve the performance of our model, improve the chances that our bot is going to hit those
people we care about, people who are going to reply to the bot. And that makes us build a better
bot that will be able to get a better response and last longer before it gets reported on Twitter.
So overall, we found throughout this part here is that we have our, a model able to find the
features that are most important for interaction and replies to the bot. We also found that the
two data sets, interaction and reply, are different. While Klout score, which is related to
extraversion, is important for interaction and reply, whether the number of friends and followers
actually matters more for interaction, while Follow Friday matters more for replies. And even
though our models are not perfect by any means, we still have a large number of false positives,
we're able to build models that let us build bots that can attack those that are more likely to be
susceptible to the bot. So with that, I'm going to give it back to Chris here.
Thanks, Randall. So wrapping up with some conclusions here. So again, we found that extroverts
perhaps presented the greatest risk, because they're maybe more impulsive. We can look at that in
maybe just a little bit more depth in a second. And bot masters could use machine learning to
improve the performance of their bot. So the key here isn't that they take our model or what we
looked at to improve their bot, because that was specific to our particular bot. When Wagner
looked at the Aerofade bot, they got sort of pretty reasonable performance gains because they had
a larger majority, or a smaller minority, larger minority class, or whatever. So you create a bot,
you target a few users, you use machine learning to improve your chances, and then you target it
on the wider audiences. Kind of how we think this could be employed. We're not suggesting people
do that, but the marketeers have got a vested interest in actually looking into that sort of
behaviour. And marketeers, if you ever go to a marketing or digital media conference, are actually
sort of hell bent on actually trying to improve engagement and understand click through rates and
all of that sort of stuff. Propagandists, of course, could use this to find people who are more
likely to respond and interact with them, maybe propagate false messages.
And social engineers. Randall mentioned that Weka's got a command line interface. Well, you can
build that model into Maltego, for example, so that you get a bunch of Twitter users, return back
the likelihood in a different colour here of whether somebody's going to respond. So find the most
gullible, potentially the most gullible people in your organisation and reduce your scope
appropriately. The other thing, this is what Yazan Boshmaf mentions, is that this could be used in
terms of usable security. So help people understand if they're sort of more susceptible or more at
risk from a social bot. We see that with browsers, and now the challenge is how do you do that in
a social network environment. So probably want to avoid this fellow, though. So training. I
mentioned training. Focus on the people who are perhaps most at risk, especially your sales team,
who are more extroverted, naturally.
Then in terms of future research here, likely focus on more detailed areas of the Big Five,
specifically in extroversion, which has many facets. Specifically I'm thinking impulsivity.
Impulsivity seems to be related to people responding to phishing messages. So you could use
something that's called cognitive reflective test to see if that has an impact. So here's an
example of one of the questions about cognitive reflective test. A bat and a ball cost $1.10 in
total. A bat costs $1 more than the ball. How much does the ball cost? So getting that wrong is an
indicator of impulsivity. I think there are three questions or something like that in the CRT. So
also maybe a target centric approach for the social bot. Ours was one size fits all, pretty dumb
bot, but you could actually start looking at the language of the core group that you're following.
But it's not all negative, necessarily. There's a tall gentleman, a tall German gentleman, by the
name of Lutz Finger, who does a lot of work in this field, and you can take a look at some of his
videos from the Strata conference. And he mentioned that OkCupid had a problem with bots, so they
created their own bots. And what they did when they identified a bot is they created a replica of
their dating site entirely for bots and had those bots talk to other bots. So there's an entire
area, apparently, of OkCupid where you've just got what you could describe as some bot on bot. I
have no idea whether that's true or not, but he states it in his video. I have no reason to
distrust him, because he's taller than I am.
So wrapping up then on the last slide. This gets back to Roelof and Kenneth Geers' paper,
illustrations from the Turing test, that sufficient interactivity with a computer should reveal
that it's human or not. But maybe that's going to be extending, so that you're going to need more
and more time to figure out whether it's human or not. Or maybe you don't care. But the key thing
here is that I think you could apply machine learning to improve the performance of a social bot,
but it also shows that that's actually a problem that the security community and folks in general
need to start thinking about tackling, because this behavioural residue on social media could be
making users, flagging users who are more likely to respond and therefore perhaps need more
awareness and more training. So that, ladies and gentlemen, is the end of our presentation. We'll
take questions in the Q&A room, I guess. Thanks a lot.
